Snapmanager
This hub aggregates every CVE we track for Snapmanager, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 180
- Critical: 20
- High: 50
- In CISA KEV: 1
Severity distribution
- MEDIUM: 75
- HIGH: 50
- LOW: 35
- CRITICAL: 20
Monthly trend
2024-07 to 2026-06 (every value shown in the chart is 0)
Latest CVEs
The 15 most recently published vulnerabilities affecting Snapmanager.
- CVE-2022-40304: An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can... (score: 7.8)
- CVE-2022-40303: An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an... (score: 7.5)
- CVE-2022-2068: The c_rehash script allows command injection (score: 7.3)
- CVE-2022-1473: Resource leakage when decoding certificates and keys (score: 7.5)
- CVE-2022-1434: Incorrect MAC key used in the RC4-MD5 ciphersuite (score: 5.9)
- CVE-2022-1343: OCSP_basic_verify may incorrectly verify the response signing certificate (score: 5.3)
- CVE-2022-1292: The c_rehash script allows command injection (score: 7.3)
- CVE-2022-29824: In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitatio... (score: 6.5)
- CVE-2022-22968: In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectiv... (score: 5.3)
- CVE-2022-23308: valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. (score: 7.5)
- CVE-2022-21366: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Orac... (score: 5.3)
- CVE-2022-21365: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13... (score: 5.3)
- CVE-2022-21360: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13... (score: 5.3)
- CVE-2022-21349: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle Graal... (score: 5.3)
- CVE-2022-21341: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 1... (score: 5.3)
Product normalization is registry-driven with AI assist and human review.